The parameter generation, in a non-interactive zero knowledge system is always going to be an issue, unless its created through a consensus..
Interactive would mean you'd need the other party to be online to redeem your input, so we're working on a way of sending your funds into infinity, where they will be redeemed from infinity.
At a base level there's always going to be some sort of mixing involved, whether its destroying/minting, or whether its using some sort of tokens, etc..
"we're working on a way of sending your funds into infinity, where they will be redeemed from infinity."
After thinking about this for a while I am still not sure if I completely understand what you mean. I have read the zk-snarks whitepaper, etc. Can you elaborate on this point a little?
Thanks!
Coins are removed from circulation, effectively placed in escrow when they are placed in an anonymous output.
We need to prove that we redeemed an output, without revealing which output was redeemed and a redeem transaction would look like a coinbase.
The redeem transaction destroys one of the anonymous outputs but it is not possible to know which one was destroyed.
It won't be possible to use the same output twice, as it would require a secret key which becomes known to everyone when the output is redeemed.
The zk-proof proves the secret key is linked to an output in the set, but only the redeemer knows which one.